widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Device unable to recover from a bad certificate

Browse Source 
In the android media DRM api test, provisioning is indicated, when a
generate license request command is issued after a switch between L1 and
L3. This is as expected as oemcrypto is unable to decrypt
the key wrapped earlier (bad padding). Subsequent provisioning request
and storage of wrapped keys complete successfully. If the same session
is used to reissue a generate license request command, the wrapped keys
and cert used are those present in memory from the initial retrival,
rather than rereading the new ones from persistent storage.
This results in a cycle of successful provisioning attempts followed
by generation of license requests commands which return a provisioning needed
error.

A change has been added to reinitialize the session and reload the
wrapped keys.

b/8878324

Merge of https://widevine-internal-review.googlesource.com/#/c/5600/
from the Widevine CDM repository.

Change-Id: Iaf47d15d104fd681706df5f64be583af24186abe
This commit is contained in:
Jeff Tinker
2013-05-13 13:39:56 -07:00
parent 4cf8594a87
commit 0bbbcaa1cb
2 changed files with 22 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libwvdrmengine/cdm/core/include/cdm_session.h
View File

@@ -18,10 +18,12 @@ namespace wvcdm {
class CdmSession { class CdmSession {
public: public:
CdmSession() : session_id_(GenerateSessionId()), license_received_(false) {} CdmSession() : session_id_(GenerateSessionId()), license_received_(false),
reinitialize_session_(false) {}
~CdmSession() {} ~CdmSession() {}
CdmResponseType Init(); CdmResponseType Init();
CdmResponseType ReInit();
bool DestroySession(); bool DestroySession();
@@ -93,6 +95,7 @@ class CdmSession {
CryptoSession* crypto_session_; CryptoSession* crypto_session_;
PolicyEngine policy_engine_; PolicyEngine policy_engine_;
bool license_received_; bool license_received_;
bool reinitialize_session_;
KeyId key_id_; KeyId key_id_;

19
libwvdrmengine/cdm/core/src/cdm_session.cpp
View File

@@ -47,6 +47,11 @@ CdmResponseType CdmSession::Init() {
return UNKNOWN_ERROR; return UNKNOWN_ERROR;
} }
CdmResponseType CdmSession::ReInit() {
DestroySession();
return Init();
}
bool CdmSession::DestroySession() { bool CdmSession::DestroySession() {
if (crypto_session_) { if (crypto_session_) {
delete crypto_session_; delete crypto_session_;
@@ -68,6 +73,16 @@ CdmResponseType CdmSession::GenerateKeyRequest(
CdmAppParameterMap& app_parameters, CdmAppParameterMap& app_parameters,
CdmKeyMessage* key_request, CdmKeyMessage* key_request,
std::string* server_url) { std::string* server_url) {
if (reinitialize_session_) {
CdmResponseType sts = ReInit();
if (sts != NO_ERROR) {
return sts;
}
reinitialize_session_ = false;
}
if (!crypto_session_) { if (!crypto_session_) {
LOGW("CdmSession::GenerateKeyRequest: Invalid crypto session"); LOGW("CdmSession::GenerateKeyRequest: Invalid crypto session");
return UNKNOWN_ERROR; return UNKNOWN_ERROR;
@@ -90,8 +105,10 @@ CdmResponseType CdmSession::GenerateKeyRequest(
} }
if (Properties::use_certificates_as_identification()) { if (Properties::use_certificates_as_identification()) {
if (!crypto_session_->LoadCertificatePrivateKey(wrapped_key_)) if (!crypto_session_->LoadCertificatePrivateKey(wrapped_key_)) {
reinitialize_session_ = true;
return NEED_PROVISIONING; return NEED_PROVISIONING;
}
} }
if (!license_parser_.PrepareKeyRequest(pssh_data, if (!license_parser_.PrepareKeyRequest(pssh_data,